From owner-freebsd-security@FreeBSD.ORG Fri May 6 15:21:12 2011 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0F8FD106566C for ; Fri, 6 May 2011 15:21:12 +0000 (UTC) (envelope-from daniel.jacobsson.90@gmail.com) Received: from mail-ew0-f54.google.com (mail-ew0-f54.google.com [209.85.215.54]) by mx1.freebsd.org (Postfix) with ESMTP id 8CB398FC14 for ; Fri, 6 May 2011 15:21:11 +0000 (UTC) Received: by ewy1 with SMTP id 1so1291609ewy.13 for ; Fri, 06 May 2011 08:21:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:message-id:date:from:user-agent:mime-version:to :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=dQMIrhL7rpoyJ5tWevk7YqJMTXo7czb7L+tvnlLFjqo=; b=pX0ATAucQi2q3C1TQ++hkNZOwAM6n6lX7iDlFe2rn8bRgPEkIoV0cuQANfBRjOSUf0 qiFk5iA/RedJssIDXKGyYN/JK4rohw6mZhhe2eN7U7LUrPOLIhJPjiUvezg+Bbw83zIl gig3MlickATDDpi/gYd4B//jSDMdJKEQt5/N8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; b=Bwv/9oWLgUqbE+sfevsGMGeaSScBvN/ij7vXwCLLY6w+xT30mK291R/UoQXkU+Shk+ ur9x0hSEUHI76qHS+SbvQt4oT1e1yUM07aDJsYL599qePdg182lbjSjE0STgvxkQ3gIc +P5HG8MaDWAWP58epOWi5TtaoNFXsyex0P5dE= Received: by 10.213.29.18 with SMTP id o18mr1033991ebc.130.1304694897162; Fri, 06 May 2011 08:14:57 -0700 (PDT) Received: from [192.168.2.7] (toad.gitty.se [193.11.160.171]) by mx.google.com with ESMTPS id h55sm1393245eeb.23.2011.05.06.08.14.55 (version=SSLv3 cipher=OTHER); Fri, 06 May 2011 08:14:55 -0700 (PDT) Message-ID: <4DC4102E.8000700@gmail.com> Date: Fri, 06 May 2011 17:13:50 +0200 From: Daniel Jacobsson User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; sv-SE; rv:1.9.2.17) Gecko/20110414 Thunderbird/3.1.10 MIME-Version: 1.0 To: freebsd-security@freebsd.org References: <4DC40E21.6040503@gmail.com> In-Reply-To: <4DC40E21.6040503@gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Fri, 06 May 2011 15:26:52 +0000 Subject: =?iso-8859-1?q?Re=3A_Rooting_FreeBSD_=2C_Privilege_Escalation_us?= =?iso-8859-1?q?ing_Jails_=28P=E9tur=29?= X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 May 2011 15:21:12 -0000 Daniel Jacobsson skrev 2011-05-06 17:05: > I read this (http://www.petur.eu/blog/?p=459) blog post today. It's > about that a remote user with root privilegs to a FreeBSD jail & user > privileges to the jails host machine can obtain root privileges on the > host machine. > Can someone confirm if this bugg/exploit works? Ah, think i found an old post (http://freebsd.1045724.n5.nabble.com/Thoughts-on-jail-privilege-FAQ-submission-td4219099.html) about this subject, so it seems to be old news.